Is Twitter hack an inside job? Did Hackers Convince Twitter Employee to Help Them Hijack Accounts? Looks like it !!
A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts. – Vice
Twitter has shed some light on the unprecedented attack on Wednesday that resulted in numerous takeovers of high-profile accounts including those of President Barack Obama, Democratic candidate Joe Biden, and Tesla CEO Elon Musk. In a series of tweets posted this evening under its support channel, Twitter said that its internal systems were compromised by the hackers, confirming theories that the attack could not have been conducted without access to the company’s own tools and employee privileges. – Verge
Sources close to or inside the underground hacking community provided Motherboard with screenshots of the user tool. Two sources said the Twitter panel was also used to change ownership of some so-called OG accounts—accounts that have a handle consisting of only one or two characters—as well as facilitating the tweeting of the cryptocurrency scams from the high profile accounts. According to screenshots seen by Motherboard, at least some of the accounts appear to have been compromised by changing the email address associated with them using the tool.
To add more to the suspicion that this could be an INSIDE JOB by Twitter employees, Twitter has been deleting some screenshots of the panel and has suspended users who have tweeted them, claiming that the tweets violate its rules. These screenshots clearly show details about the target user’s account, such as whether it has been suspended, is permanently suspended, or has protected status.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” the first tweet in a Twitter’s multi-tweet explainer thread reads. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.”
It seems as though Twitter is admitting that numerous people , not just one individual, appear to have been involved in the hacks, and that numerous employees were compromised, too.
According Motherboard, hackers paid a Twitter employee to change the email addresses of popular accounts using the internal tool so that they could then take control of them.
A screenshot of the internal Twitter admin tool allegedly at the center of Wednesday’s unprecedented attacks that has been circulating among hacker communities, according to Motherboard. Image: Motherboard
Simultaneous account takeovers of a number of highly sensitive Twitter accounts — including those of presidential candidates and those with two-factor authentication enabled — suggest the hackers had at the very least indirect access to employee tools.
Twitter said it “immediately locked down the affected accounts and removed Tweets posted by the attackers.” It also took the unprecedented step of disabling the ability for verified accounts to send new tweets.
“This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do,” said Twitter in one of it’s updates. “We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.” Twitter said it has taken steps internally to “limit access to internal systems and tools while our investigation is ongoing.”
To add more to this theory “Before hack tore through Twitter, online forum offered accounts for sale” reported Reuters. For $250 in digital currency, the seller promised they’d reveal the email linked to a Twitter account. And for $2,500, the buyer would get the account itself – satisfaction guaranteed.
“You will be given a full refund if for any reason you aren’t given the email/@,” the poster said, describing the Twitter account with an @ sign.
With all this emerging details, it’s hard not to believe that Twitter hack is an inside job. We will leave it for the audience to ponder on that possibility.
Sources:Recommend0 recommendationsPublished in